On May 22, 2015, at 9:13 PM, Tycho Andersen <tycho.ander...@canonical.com> wrote:
> On Fri, May 22, 2015 at 05:14:06PM -0700, Kevin LaTona wrote: >> >> This past week or so I ran into an issue of not being able to connect a test >> LXD rest server on my local network. >> >> I've tested this problem out from pretty much every angle I can think of. >> >> Every thing from fresh OS, server, SSL lib installs to upgrades of current >> running apps on my machines. >> >> >> Pretty much unless I am missing some small fundamental piece that is >> preventing current shipping vivid server to allow connections to the LXD >> rest server. >> >> My take is there is a bug . >> >> If this true, what is the best way to let the LXC team know about this to >> see how to get to next step? >> >> >> To sum it up I am able to connect to a public LXD rest server. >> >> # from vivid container --> public LXD server ( container >> to public ) >> curl -k https://images.linuxcontainers.org/1.0/images >> # {"status": "Success", "metadata": ["/1.0/images/e7ae410ee8abeb6 >> >> >> No matter how and from what angle I try connecting to a local test LXD rest >> server it is having connections issues. >> >> # vivid container 10.0.3.5 --> 192.168.0.50:8443 ( container to host >> machine ) >> # this container can ping 192.168.0.50 >> curl -k https://192.168.0.50:8443/1.0/images >> # curl: (35) error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad >> certificate > > You probably need to pass --cert and --key to curl as well; you can > see examples of this in the /tests directory. I'll look into that to see if that helps. Yet I am able to hit the images.linuxcontainers.org server from all …. Using OS X, Ubuntu host and from Container and all with the same Curl command calls. Which has me wondering why that server and not my local LXD rest server? So far makes zero sense to me and the Rest server should make things simpler in the end. Unless I am missing something in configs or settings some where else… or there is bug. I've chased enough code problems to know when you hammer on it from all possible ways. And it's working part of the time….. some thing is off as it's just not making sense. Plus I am not seeing any mention in LXD docs about need for cert and keys for this kind of call. If I need them for the local server I would need them for the pulbic server as well since Linuxcontainers is using self signed cert on that site. -Kevin > Tycho > >> >> >> # OS X term window --> vivid server (same 192.168.x.x network) >> curl -k https://192.168.0.50:8443/1.0/images >> # curl: (35) error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert >> protocol version >> >> >> >> If any one has any ideas or suggestions please send them along. >> >> -Kevin >> >> >> >> _______________________________________________ >> lxc-users mailing list >> lxc-users@lists.linuxcontainers.org >> http://lists.linuxcontainers.org/listinfo/lxc-users > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
